Firewall Wizards mailing list archives
Re: Discretionary WiFi Access
From: John Adams <jna+dated+1121217368.5d89bc () retina net>
Date: Thu, 7 Jul 2005 18:16:08 -0700 (PDT)
On Thu, 7 Jul 2005, Dave Null wrote:
Its not firewall related, but there's some smart minds on this list. My company has started looking into campus-wide WiFi. I'll keep my
The way I see it, you've got three options if you want to run wireless:1) Open Internet Access, where the APs terminate access outside the firewall (or on a seperate leg of the firewall). Corporate users have to use a VPN to get into the corp. network. This is what many large companies with campus-wide networks do. Pretty easy to implement with commercial VPN or Windows VPN solutions.
2) No access to network at all without network authentication (802.1X / TTLS / EAP / MSv2CHap or PAP.) No one gets in unless they authenticate, and even then, there's different levels of authentication for different sections of the network. Hard to implement, but worth it in the end.
3) Same as #2, but you create a 'guest' account for Network Authentication with limited access. I don't like this one, and few admins do, but it keeps interlopers off your net.
-john -- J. Adams http://www.retina.net/~jna _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Discretionary WiFi Access Dave Null (Jul 07)
- Re: Discretionary WiFi Access John Adams (Jul 08)
- Re: Discretionary WiFi Access Sp0oKeR Labs (Jul 08)
- Re: Discretionary WiFi Access Kevin (Jul 08)
- RE: Discretionary WiFi Access Jose Varghese (Jul 08)
- Re: Discretionary WiFi Access Brenno Hiemstra (Jul 14)
- RE: Discretionary WiFi Access StefanDorn (Jul 14)
- Re: Discretionary WiFi Access Vinicius Moreira Mello (Jul 21)
- Re: Discretionary WiFi Access Jim Seymour (Jul 21)
- Re: Discretionary WiFi Access Josh Welch (Jul 14)
- Re: Discretionary WiFi Access Paul D. Robertson (Jul 21)
- Re: Discretionary WiFi Access Jim Seymour (Jul 21)
- Re: Discretionary WiFi Access Paul D. Robertson (Jul 21)
(Thread continues...)